Smart Phones, Online Security?

[dowork]

I'm a newb at security, was hoping someone could explain these things?

Smart phones don't have any anti-virus/firewall protection. Most people get business email on them but also surf the web, use apps etc. Aren't they completely open to malicious software being auto installed as they surf and thus comprising their business email? If someone gets into your email account they can do a lot of damage. Request pw resets on all your accounts, etc.

Can people hack smart phones by being in the same area as you. Like intercept the signal as its being sent. Almost like monitoring packets on a wifi network.

I know email is completely unsecure but how does it work with smart phones?

Also do you use different computers for doing work online and things like browsing wicked fire, affiliate blogs, etc.

No idea how it works, but I would assume guys would be trying to insert malicoius code or do the auto download stuff, to try to install a Go To My PC, to see everything all the big affiliates are doing. Mess with competitors, take down their hosting, etc.

Or even just knowing their IP, they could prob trace it to the internet pipe its on and then monitor the packets.

Is that a concern, or do you just use 1 computer for everything? Is setting your firewall to ask before accepting any new connections all you need?

Obv Tin Foil hat but just looking for some legit answers

 

[dmnEPC]

 

[dowork]

LOL I expected that.

But it seems most people are totally lax with security and can get their biz totally fucked. Was hoping those knowledgeable on this could shed some light.

 

[handrewrites]

Well it's hard enough securing your desktop/laptop (whether you're using Windows/OSX/Linux) but when you start doing business on smartphones it's a whole new ballgame.

Solution: no critical business on smartphones. If not because of digital security, then because of the fact that it's much easier to physically misplace it.

Though with web apps over SSL (like gmail with https permanently activated) things start looking better, but then a keylogger could fuck you up.

But then again there's antispyware/antivirii for smartphones. As for hacking wireless data it's all about the level/type of encryption.

 

[AustinP]

I dont think smartphones have registry databases. If there arent registry files to tamper with, there shouldnt be an issue.

 

[dowork]

Well it's hard enough securing your desktop/laptop (whether you're using Windows/OSX/Linux) but when you start doing business on smartphones it's a whole new ballgame.

Solution: no critical business on smartphones. If not because of digital security, then because of the fact that it's much easier to physically misplace it.

Though with web apps over SSL (like gmail with https permanently activated) things start looking better, but then a keylogger could fuck you up.

But then again there's antispyware/antivirii for smartphones. As for hacking wireless data it's all about the level/type of encryption.

Exactly.

I'm sorry your right there are antispy/antivirus but I read they more slow things down then do much, plus they will not stop custom unique malware. Not distributed on a mass scale.

Its funny cuz all big business do work via smart phones, I would think stock traders and competiors are all over this. And prob know exactly whre the companies stock price is going and what their competitors are doing just by monitoring the emails sent on smart phones.

 

[kingofsp]

Here is a pretty lengthy article recently written by a very smart friend of mine that talks about mobile security, specifically relating to the risks of making payments from mobile devices: Mobile Phone Payment Systems: Security Concerns | Sabretooth Global Blog